Membermouse < 2.2.9 - Blind SQL Injection



Description
Note: It seems like the affected plugin is the premium version (from https://membermouse.com), the free one has been closed as of v1.2.0

Affects Plugin

fixed in version 2.2.9

References

CVE 2018-11309
URL https://blog.riccardoancarani.it/cve-2018-11309-blind-sql-injection-in-membermouse-plugin/

Classification

Type SQLI
OWASP Top 10 A1: Injection
CWE CWE-89

Miscellaneous

Views 1055
Verified No
WPVDB ID 9601

Timeline

Publicly Published 2018-05-27 (over 1 year ago)
Added 2019-08-22 (3 months ago)
Last Updated 2019-08-27 (3 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin